security

I’ve been updating the Winnipeg Code Camp website over the last few weeks with sessions and speakers as we’ve added them, and I’m happy to announce the full set of sessions!* We have a very interesting mix this year with new speakers and varied technologies! Remember this is a *FREE* event, so head over to our website to find out how to register for what will be a fantastic code camp! *OK, so we still have one session that needs to be have an official title, and one session that’s still TBA…but close ......

It would appear that one of the biggest threats to our digital security has been exploits in Word documents. Or at least, from the extensive security features built into Word 2010, one would come to that conclusion. I came across an odd issue tonight while testing a Silverlight application. I had a Word document (a .doc file, not .docx) on a webserver, but when I tried to access it I got this: To which I said “Yes”, but when Word 2010 opened up, I got this message: I thought maybe there was an issue ......

So with Mix 10 approaching, and the voting for the community submissions open, I’m sure you’re wondering “D’Arcy, who are YOU voting for?” since obviously my recommendations and backing is GOLDEN. So this can either be seen as a boost to the submitters, or the kiss of death to their hopes of speaking. I prefer to think the former, but hey, enough chit-chat, let’s look at my ballet pics! SketchFlow for Real Software Development David Wesst Vote For This Talk! There are a few SketchFlow talks scheduled ......

The next Winnipeg SharePoint UG event will be on Tuesday, November 24th at 5:30 PM. Same location as always: 17th floor conference room at the Richardson Building (One Lombard Place). Pizza will be provided. Presentation abstract is below, and to register please visit our registration site here. Architecting SharePoint Solutions Presenter: Juan Larios During the last year or so, Juan Larios has been working for a local client and has had a chance to architect solutions to common problems that many ......

Cloud computing holds great promise to the next evolution of business and consumer computing. Amazon has been in the cloud computing game for a while now. In addition to their Azure platform for hosting cloud applications, Microsoft also has online services for pictures, blogs, videos, and files. Google has similar software-as-a-service offerings as well. As other companies bring their offerings to the market, we’ll see more and more options to store our data and files “in the cloud”. But in our ......

Let’s play a game of “What if…”. What if you were a Canadian flying from Toronto to Vancouver. The only piece of luggage you had was a metal case containing $5000.00. When you went through security, the officers noticed that you were carrying a large sum of money with you. Now what is the acceptable response from the security officers? Should they be allowed to question you about the money? How about your job, what you were doing in Toronto, what you’ll be doing in Vancouver? Realize that while carrying ......

By default comments are disabled on SharePoint blogs. Here’s how you enabled them: Go to your blog page and click the Manage Comments link under the Admin links. Expand the settings menu and select List Settings. Click on “Permissions for this List”. Click on the NT Authority\authenticated users. Now here’s the part I think is sort of screwy. Out of the box, you can grant people full, design, contribute, and read permissions. The closes that you’d want is contribute. However, this still gives your ......

This is my Super Secret Stuff folder. It’s a zip file, and I need to pass on my super secret stuff to some super secret person who will be the only person knowing the super secret password to open it. So I open the zip file in explorer and…um…where’s my “Add Password” option in the file menu?! It’s GONE! It’s also not under any of the other menu items. I’m going to chalk this up to it being a beta, but still…shouldn’t this have been part of Explorer since its been a mainstay in Windows XP and Vista? ......

Remember how annoying it was to get two computers on a network to share files between each other? I don’t mean on a domain or anything, but on a typical home network where you don’t have a domain controller or anything at that level, and at most you had a workgroup value assigned to each machine. With Windows 7, getting your computers to talk to each other is SO SIMPLE. In fact, the least amount of work you have to do to get it working is entering a password. Here’s how it works. Homegroup When you ......

After the PDC closed at 3PM, a group of us went over to the Liberty Grille again for a bite to eat. We’d been there the night before and had a really good experience, so thought we’d try it again. Everything was going fine until 5:00 came around and I had to leave. First, our waiter was nowhere to be found and I asked another waiter to get him for us and if he could bring my bill that would be great. Our waiter shows up with the bill for the entire table. I explain that I only am paying for my portion. ......

Ok, so here’s the situation: Application calls a web service over SSL. Here’s the question: Do you use WSE to perform authorization, or do you roll your own auth mechanism (i.e. send a GUID down and pass it back and forth with the server managing the GUID list?) I looked at the WSE samples from MSDN, and it just looked like way too much overhead for a message that is going to travel point to point and compared to how simple it would be to create, send, and manage a GUID list on the server for authentication…all ......

Back to Universal Studios for the Attendee Party, and a good time was had by all! Part of the park was closed off to us (I believe because of another party that seemed to be going on), but we still had a HUGE area to ourselves, and the majority of the attractions. All the food, drinks, and booze were free as well. Unfortunately the hours we had there were cut from 6 - 11 to 8 - 11. Now, you might think that three hours was alot of time...but not when lineups for the more popular rides were between ......

I’m attending the first heat of Speaker Idol here at Tech Ed...I'm competing in the third heat and want to "scope out the competition". The judges are Steve Smith, Yasir from Austria, Mark Dunn, and Scott Stansfield (winner from last year). Rachel Appel is up first. She’s going to be talking about Dynamic Data. OMG, she’s using Northwind…I just heard Scott Hanselman from accross the convention center scream “NOOOOOOOOOO…”. Honestly I haven’t looked into Dynamic Data much, but I see that its using ......

So yesterday was the day before leaving for Tech Ed, and so I decided that it would be the *perfect* time to finally upgrade my travel laptop to Windows Server 2008. I mean seriously, how hard could it be?! Well...for the most part it wasn't. I actually really like having Server 2008 on my machine, except for one small issue that has become the dealbreaker...but let me just gloss over some things quickly for those thinking of doing the same thing: - When you install Server 2008, just do Standard ......

I'm heading to Regina tonight (thank you Telus Aircard for the uninterrupted, hassle free internet!) to attend their community connection event in association with the VS.NET 2008 launch events. Very pumped. I'm meeting Gary and Will for drinks...I guess I'll have to sample Pilsner...I never have. [Edit] In the time that I started writing this and right now, they just announced the flight will be delayed...I'm not boarding until 9ish, which is about 40 minutes late.[/Edit] So...I'm going through ......

Now that the code camp is over, it's time for some reflection of what went well, what we'd do differently, and what others should watch out for in planning their own code camp. Do get a solid team for pulling off a Code Camp The guys we had organizing our event were top notch and is the main reason the event went off without a hitch. Organizing an event like this is not trivial, and you need to ensure that you have a team around you that buys into the event. Do contact sponsors and don't be afraid ......

Are there really places that just use zip files for source control? Wow. I've been lucky to never have worked anywhere like that...VSS was always the lowest point I was at. Optimistic locking is a good thing; keeps things current. Friends don't let friends use VSS. Tortoise SVN has an adapter for TFS that allows you to see the status of your files (checked out, not checked out) in your explorer! Very kewl. Branching - How to Structure Your Sourcecode Folder Subversion can move the folder structure ......

I heart Rob Windsor...I must say that up front. Rob is a class guy and I'm really looking forward to him stroking my cereberal cortex with WCF goodness. WCF Basics Service ContractDefined by an interface type,a nd attributes are used to indicate the methods that will be included in the service topic. Service ClassRegular class with no inheritance requirements and implements the service contract interface. Service HostServices hosted in any application, as well as IIS.Service ClientConsumes operations ......

Ran into this today...seems like its a common run in on the net, so just wanted to record it here for my own notes. If the security tab isn't visible on any of your folder properties in XP, you may have "Use Simple File Sharing" selected in your Folder Options. Open Explorer and go to Tools>Folder Options. Click the "View" tab and scroll to the bottom of the listbox with the heading "Advanced Settings". Clear the "Use Simple File Sharing" checkbox. D ......

So the new version of Safari is out in beta, not just for Mac but for Windows. This is great news! I mean, now they have TWO code-bases to fix the horrendous bugs on instead of just one! There's no secret that I'm not a huge fan of Safari. It was buggy as hell when I first used it on my Mac back in November when I got it, and i've been in very happy Firefox bliss ever since. But I applaud Apple for not giving up on Safari, and I'm willing to give it another shot. That shot lasted 5 minutes. I loaded ......

I'm banging my head against the wall on this one... I have a Sharepoint 2007 webpart which displays a datagrid. I need to implement functionality to export the data from the grid into an Excel spreadsheet. So in my Export function in my code behind, I do this: [Start Code] Context.Response.Clear(); Context.Response.AddHeader(... "attachment;filename=myexce... = "application/vnd.xls"String... sw = new StringWriter();HtmlTextWriter htw = new ......

File this under "Alternate Defenses": From this article: "Our security research team has observed a new zero day exploit being used to infect systems. Coming from a porn website, this particular one is a vulnerability in VML inside of Internet Explorer." Their solution: "This exploit can be mitigated by turning off Javascripting." Um...how about you just DON'T VISIT PORN SITES?! Geeze... D ......

Interesting article about a new “feature” of Google desktop that will actually copy text-based files to Google servers so you can search for files from accross different computers. The security issue is that, since they're stored on Google's servers, any government agency can subpeana (sp?) those files without needing a warrant (or something like that...basically they can't guarantee privacy). http://www.eff.org/news/arc... D ......

Microsoft is finally ending support for Windows 98 and ME this June. This probably wouldn't be a big deal for most people if not for the fact no new security patches will be released. Guess its time for all those 98 users (or those unlucky enough to have bought ME) to upgrade to XP.